Vulnerabilities > Improper Certificate Validation

DATE	CVE	VULNERABILITY TITLE	RISK
2025-04-08	CVE-2025-30000	A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). local high complexity CWE-295	6.7
2025-02-10	CVE-2025-1002	Improper Certificate Validation vulnerability in Microdicom Dicom Viewer 2024.3 MicroDicom DICOM Viewer version 2024.03 fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. high complexity microdicom CWE-295	5.3
2025-02-04	CVE-2025-1014	Improper Certificate Validation vulnerability in Mozilla Firefox Certificate length was not properly checked when added to a certificate store. network low complexity mozilla CWE-295	8.8
2025-01-26	CVE-2023-38009	IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the middle techniques due to the lack of certificate pinning. high complexity CWE-295	4.2
2025-01-07	CVE-2024-40702	IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validation. network low complexity CWE-295	8.2
2024-12-18	CVE-2024-47119	IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. network high complexity CWE-295	5.9
2024-11-22	CVE-2023-51634	Improper Certificate Validation vulnerability in Netgear Rax30 Firmware NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability. high complexity netgear CWE-295	7.5
2024-11-02	CVE-2024-51774	Improper Certificate Validation vulnerability in Qbittorrent qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors. network high complexity qbittorrent CWE-295	8.1
2024-10-22	CVE-2024-43177	Improper Certificate Validation vulnerability in IBM Concert 1.0.0/1.0.1 IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute. network low complexity ibm CWE-295 critical	9.8
2024-10-18	CVE-2024-47241	Improper Certificate Validation vulnerability in Dell Secure Connect Gateway 5.24.00.14 Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains an Improper Certificate Validation vulnerability. network low complexity dell CWE-295	8.1